Here’s a comprehensive README.md file for your project. It includes an overview, setup instructions, usage examples, and details about the gRPC service and protobuf definitions.
This project provides a gRPC-based authentication service that supports OAuth2.0, token verification, user information retrieval, and multi-factor authentication (MFA). It integrates with identity providers like Google and GitHub and uses Auth0 for authentication.
- Features
- Getting Started
- Running the Service
- gRPC API Documentation
- Testing
- Code Generation
- Linting
- Contributing
- License
- OAuth2.0 Integration: Supports Google and GitHub as identity providers.
- Token Management: Generate, verify, and refresh access tokens.
- User Information: Retrieve user details such as email, roles, and metadata.
- Multi-Factor Authentication (MFA): Supports MFA status checks and challenge completion.
- gRPC API: Provides a well-defined gRPC interface for authentication and authorization.
- Go 1.20 or higher
- Protocol Buffers (
protoc) - Buf CLI (
buf) - Auth0 account (for OAuth2.0 integration)
-
Clone the repository:
git clone https://github.com/Takayuki-Y5991/go-authentications.git cd go-authentications -
Install dependencies:
go mod download
-
Install development tools:
make tools
Create a .env file in the root directory with the following environment variables:
AUTH0_DOMAIN=your-auth0-domain
AUTH0_CLIENT_ID=your-client-id
AUTH0_CLIENT_SECRET=your-client-secret
AUTH0_AUDIENCE=https://api.example.com
AUTH0_REDIRECT_URL=https://example.com/callback
SERVER_PORT=50051
SERVER_SHUTDOWN_TIMEOUT=10-
Build the application:
make build
-
Run the service:
make run
-
The service will start on the specified port (
SERVER_PORT). You can interact with it using a gRPC client.
The service provides the following gRPC methods:
- GenerateAuthorizationURL: Generates an OAuth2.0 authorization URL.
- ExchangeAuthorizationCode: Exchanges an authorization code for tokens.
- VerifyToken: Validates an access token.
- RefreshToken: Obtains a new access token using a refresh token.
- GetUserInfo: Retrieves authenticated user information.
- GetMFAStatus: Retrieves the current MFA configuration and status.
- CompleteMFAChallenge: Verifies an MFA challenge and returns a new token.
For detailed request and response structures, refer to the protobuf definitions.
-
Run all tests:
make test -
Run unit tests only:
make test-unit
-
Run integration tests:
make test-integration
-
Run tests with coverage:
make test-coverage
- Verbose Output: Use
make test-verbosefor detailed test output. - JSON Output: Use
make test-jsonto generate a JSON test report.
The project uses Protocol Buffers for gRPC API definitions. To generate Go code from the .proto files:
make generateThis will generate the necessary Go files in the gen/proto directory.
make lintmake lint-fixThe gRPC API is defined using Protocol Buffers. Below is an overview of the .proto file:
service AuthenticationService {
rpc GenerateAuthorizationURL(GenerateAuthorizationURLRequest) returns (GenerateAuthorizationURLResponse);
rpc ExchangeAuthorizationCode(ExchangeAuthorizationCodeRequest) returns (TokenResponse);
rpc VerifyToken(VerifyTokenRequest) returns (VerifyTokenResponse);
rpc RefreshToken(RefreshTokenRequest) returns (TokenResponse);
rpc GetUserInfo(GetUserInfoRequest) returns (UserInfoResponse);
rpc GetMFAStatus(GetMFAStatusRequest) returns (GetMFAStatusResponse);
rpc CompleteMFAChallenge(CompleteMFAChallengeRequest) returns (TokenResponse);
}- GenerateAuthorizationURLRequest: Request to generate an OAuth2.0 authorization URL.
- TokenResponse: Common response format for token-related operations.
- VerifyTokenRequest/VerifyTokenResponse: Request and response for token verification.
- UserInfoResponse: Response containing user information.
- MFAInfo: Structure for MFA configuration and status.
For the full .proto file, refer to proto/auth/v1/auth.proto.
This README.md provides a comprehensive guide to setting up, running, and contributing to the project. Let me know if you need further assistance!